Automattic: >> Crowdsignal Dashboard Security Vulnerabilities
Cross-Site Request Forgery (CSRF) vulnerability in Automattic, Inc. Crowdsignal Dashboard – Polls, Surveys & more.This issue affects Crowdsignal Dashboard – Polls, Surveys & more: from n/a through 3.0.11.
CVSS Score
5.4
EPSS Score
0.001
Published
2024-03-16
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Automattic, Inc. Crowdsignal Dashboard – Polls, Surveys & more allows Reflected XSS.This issue affects Crowdsignal Dashboard – Polls, Surveys & more: from n/a through 3.0.11.
CVSS Score
7.1
EPSS Score
0.001
Published
2024-02-10
Auth. (contributor+) Privilege Escalation vulnerability in Crowdsignal Dashboard plugin <= 3.0.9 on WordPress.
CVSS Score
6.3
EPSS Score
0.001
Published
2022-11-17
The Crowdsignal Dashboard WordPress plugin before 3.0.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting
CVSS Score
6.1
EPSS Score
0.002
Published
2022-08-08